Your 2018 Business Resolution – Design A Remote Security Protocol

Remote work is the new normal. Whether you’re offering flextime to current employees, have staff working remotely while visiting clients, or hiring external contractors, it’s likely that many of your workers spend time offsite. There’s just one problem – security.

Despite the growing population of remote workers, many companies have failed to develop protocols and security standards for these workers, and that opens countless doors to data compromise. Make it your 2018 resolution to close the security gap. Your business depends on it.

IMAGE: PIXABAY

The Basics: Unsecured Networks

The first thing you should discuss with staff and contractors when outlining your security protocol is the use of unsecured internet connections. Whether they’re traveling or just working out of a local coffee shop, it’s common for remote workers to link up with whatever Wi-Fi connection is available. This is dangerous as it opens devices with company data up to hacking.

Make it clear to team members that they should always use a secure internet connection and provide them with the resources to do this properly. This might mean giving permanent staff members access to portable hotspots for when they’re working offsite, or giving contractors an allowance for small tech expenses. Remote workers often use unsecured networks or engage in other unsafe practices because they don’t have the funds to do anything else.

BYOD: Is Your Device Safe?

Bring your own device (BYOD) policies were all the rage a few years ago, specifically as a cost-saving, convenience measure for businesses. Now, though, companies just accept the use of personal mobile devices as the cost of doing business. Employees and contractors use them while off-site or as they move around the office, boosting productivity through flexibility. The only problem is that personal mobile devices aren’t subject to mobile security protections, presenting new vulnerabilities to cyber attackers.

One solution to BYOD problems is to improve your company’s mobile access options. A secure, cloud-based SD-WAN, such as that offered by Cato Networks, for example, protects mobile users from network-based threats, regardless of their location.

Users run Cato’s mobile client to Cato’s global network. Once connected they gain the protection of built-in security services including next-generation firewall (NGFW), secure web gateway (SWG) and intrusion prevention system (IPS). Application performance is also improved by avoiding the additional network latency common to internet routing.

The Human Factor: Passwords Precautions

There’s a saying these days that you no longer hack systems, you hack people. What does that mean? In essence, saying that you hack people rather than systems means that the space of human error is so great that it’s easy to follow up on those mistakes and take advantage of them.

Passwords are a great example of how we hack people rather than computers. Businesses typically require their staff to use secure passwords and change them frequently. They might even provide random, computer-generated codes. The problem, then, is that remote workers aren’t confined to company systems and they likely don’t use such secure passwords on their personal devices. This means any business data on personal devices is highly vulnerable to hackers.

Remote workers have also been known to recycle passwords that have been hacked, which is one of the most dangerous things you can do. If workers are going to be granted the privilege of working remotely, mandate secure passwords for personal devices and encourage staff to use two-factor authentication whenever possible.

Security – Facing The Unknown

There will always be tech issues you can’t prepare for, whether it’s the newest fishing attack of IoT communication vulnerabilities, but that doesn’t mean you should skip the tech security policies altogether. Rather, your responsibility as the business home base is to offer your remote team the tools, education, and guidelines they need to keep your company secure. Whether that’s providing a tech allowance or holding seminars on phishing and ransomware, every step towards data protection is a step in the right direction.